]> git.ipfire.org Git - thirdparty/systemd.git/commitdiff
projects / thirdparty / systemd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: cfb623b)
core: update audit messages
authorChristian Göttsche <cgzones@googlemail.com>
Fri, 4 Nov 2022 15:30:57 +0000 (16:30 +0100)
committerLuca Boccassi <luca.boccassi@gmail.com>
Sat, 5 Nov 2022 18:19:28 +0000 (19:19 +0100)
Pass getuid() instead of literal `0` as auid, since user session
managers also issue audit messages on SELinux denials.

src/core/selinux-access.c patch | blob | blame | history

diff --git a/src/core/selinux-access.c b/src/core/selinux-access.c
index c69baa8a1a7ac31d9f9898d62fe984a30de8d283..c1744cff92da4369e43abeeb9f327900f5cd4cf7 100644 (file)
--- a/src/core/selinux-access.c
+++ b/src/core/selinux-access.c
@@ -113,9 +113,9 @@ _printf_(2, 3) static int log_callback(int type, const char *fmt, ...) {
 
                 if (r >= 0) {
                         if (type == SELINUX_AVC)
-                                audit_log_user_avc_message(get_audit_fd(), AUDIT_USER_AVC, buf, NULL, NULL, NULL, 0);
+                                audit_log_user_avc_message(get_audit_fd(), AUDIT_USER_AVC, buf, NULL, NULL, NULL, getuid());
                         else if (type == SELINUX_ERROR)
-                                audit_log_user_avc_message(get_audit_fd(), AUDIT_USER_SELINUX_ERR, buf, NULL, NULL, NULL, 0);
+                                audit_log_user_avc_message(get_audit_fd(), AUDIT_USER_SELINUX_ERR, buf, NULL, NULL, NULL, getuid());
 
                         return 0;
                 }
Unnamed repository; edit this file 'description' to name the repository.